Cross domain load?  It looks all local to me!

Similar Messages

• Are Cross Domain Flash Local Shared Objects (LSO aka Flash Cookie) possible

  Hi,
  I found several solutions for creating Flash LSOs from JavaScript (for example: http://www.nuff-respec.com/technology/cross-browser-cookies-with-flash )
  If Page (www.hostA.com/index.html) and the .swf file are from the same site, everything works fine.
  Now I'm trying to load the page form www.hostA.com/index.html, which includes www.hostB.com/flashcookie.swf (different sites). But then I cannot read or store the LSO.
  I have tried several configurations (crossdomain.xml,  Security.allowDomain("...") ), but nothing works.
  Is this kind of cross domain access to a LSO possible?
  Can a flash based advertisement delivered by a 3rd party save a LSO on my disc?
  Thanks
  -stephan

  I 100% agree!  We have an application that the Government requires information to be stored on the users computer as part of Multi-Factor-Authentication.  We originally wrote it as a browser application and when everyone and their brother started deleting browser cookies because of security concerns, we totally re-wrote it as a Flash application to take advantage of permanent storage.  This new "feature" in Flash Player is causing much concern because thousands of users will need to start answering lots of security questions every single time they use the application (ie: daily) and our staff is having to handle technical support questions that shouldn't exist.  Right now it's only IE that's causing the issue, but I'm sure every browser and Internet Security program will soon be adding this to their products.  There should at least be a way for the USER to white-list a specific Domain so Flash could exempt those sites from ANY external program trying to delete ALL Shared Objects/Local Storage/Flash Cookies.  The USER should be given that choice.  This would satisfy the extra privacy you are putting in there and still allow information to be stored from sites that require it.
  John

• Load XML file from addon domain without cross-domain Policy file

  Hello.
  Assuming that there are two addon domains on the same server: /public_html/domain1.com       and      /public_html/domain2.com
  I try to load XML file from domain2.com into domain1.com without using cross-domain policy file (since it doesn’t work on xml files in my case).
  So the idea is to use php file in order to load XML and read it back to flash.
  I’ve found an interesting scripts that seems to do the job but unfortunately I can't get it to work. In my opinion there is somewhere problem with AS3 part. Please take a look.
  Here are the AS3/PHP scripts:
  AS3 (.swf in www.domain1.com):
  // location of the xml that you would like to load, full http address
  var xmlLoc:String = "http://www.domain2.com/MyFile.xml";
  // location of the php xml grabber file, in relation to the .swf
  var phpLoc:String = "loadXML.php";
  var xml:XML;
  var loader:URLLoader = new URLLoader();
  var request:URLRequest = new URLRequest(phpLoc+"?location="+escape(xmlLoc) );
  loader.addEventListener(Event.COMPLETE, onXMLLoaded);
  loader.addEventListener(IOErrorEvent.IO_ERROR, onIOErrorHandler);
  loader.load(request);
  function onIOErrorHandler(e:IOErrorEvent):void {
      trace("There was an error with the xml file "+e);
  function onXMLLoaded(e:Event):void {
      trace("the rss feed has been loaded");
      xml = new XML(loader.data);
      // set to string, since it is passed back from php as an object
      xml = XML(xml.toString());
      xml_txt.text = xml;
  PHP (loadXML.php in www.domain1.com):
  <?php
  header("Content-type: text/xml");
  $location = "";
  if(isset($_GET["location"])) {
      $location = $_GET["location"];
      $location = urldecode($location);
  $xml_string = getData($location);
  // pass the url encoded vars back to Flash
  echo $xml_string;
  //cURLs a URL and returns it
  function getData($query) {
      // create curl resource
      $ch = curl_init();
      // cURL url
      curl_setopt($ch, CURLOPT_URL, $query);
      //Set some necessary params for using CURL
      curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
      curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
     //Execute the curl function, and decode the returned JSON data
      $result = curl_exec($ch);
      return $result;
      // close curl resource to free up system resources
      curl_close($ch);
  ?>

  I think you might be right about permissions/settings on the server for php. Unfortunately I'm not allowed to adjust them.
  So I wrote my own script - this time I used file path instead of http address of the XML file.  It works fine in my case.
  Here it is:
  XML file on domain2.com:
  <?xml version="1.0" encoding="UTF-8"?>
  <gallery>
      <image imagePath="galleries/gallery_1/images/1.jpg" thumbPath="galleries/gallery_1/thumbs/1.jpg" file_name= "1"> </image>
      <image imagePath="galleries/gallery_1/images/2.jpg" thumbPath="galleries/gallery_1/thumbs/2.jpg" file_name= "2"> </image>
      <image imagePath="galleries/gallery_1/images/3.jpg" thumbPath="galleries/gallery_1/thumbs/3.jpg" file_name= "3"> </image>
  </gallery>
  swf  on domain1.com:
  var imagesXML:XML;
  var variables:URLVariables = new URLVariables();
  var varURL:URLRequest = new URLRequest("MyPHPfile.php");
  varURL.method = URLRequestMethod.POST;
  varURL.data = variables;
  var MyLoader:URLLoader = new URLLoader;
  MyLoader.dataFormat =URLLoaderDataFormat.VARIABLES;
  MyLoader.addEventListener(Event.COMPLETE, XMLDone);
  MyLoader.load(varURL);
  function XMLDone(event:Event):void {
      var imported_XML:Object = event.target.data.imported_XML;
      imagesXML = new XML(imported_XML);
     MyTextfield_1.text = imagesXML;
     MyTextfield_2.text = imagesXML.image[0].attribute("thumbPath");  // sample reference to attribute "thumbPath" of the first element
  php file on domain1.com:
  <?php
  $xml_file = simplexml_load_file('../../domain2.com/galleries/gallery_1/MyXMLfile.xml');  // directory to XML file on the same server
  $imported_XML = $xml_file->asXML();
  print "imported_XML=" . $imported_XML;
  ?>
  Regards
  PS: for those who read the above discussion: the first and the second script work but you must test which one is better in your situation. The first script will also work between two domains on different servers. No cross domain policy file needed.

• Cross-domain SWF loading doesn't work

  I've been trying to get cross-domain SWF loading to work for
  a while now, but even though it works from the Flash IDE the loaded
  SWF is blank when I upload it to a webserver somewhere. And yes,
  both servers have a crossdomain.xml file in their root folder, and
  I've also used System.security.allowDomain("*"). I've published
  both using the 'using network' option in the publish dialog.
  Could someone please help me with this, as I can't seem to
  find why it isn't loading. I've also read the entire PDF about
  Flash 9 security, but I couldn't find anything about external SWF
  loading except for the crossdomain files.

  A little more color on this: If there are 2 or more messages in the active mailbox (and others in a different mailbox), the expand/collapse function works for the messages in the active mailbox. In the message column on the right, all the messages in the conversation are shown (both mailboxes). Only those messages in the active box are shown in the list column when the conversation is expanded. I can kind of see how this might be intentional, but it's strange to see lots of messages in the conversation in the right column, but only one or a few corresponding items in the messge list.

• How and when to load cross-domain.xml for web services.

  I'm accessing some 3rd party web services and so I need them to have a cross-domain.xml file, which they have done.
  In order to access their web services, am I correct that I need to load the cross-domain.xml file they put on their web server, and if so, is my code to do so below correct, which I put in my creationComplete handler function?
  Note, of course the IP address in my code is not 0.0.0.0.
  Do I need all these lines, and am I doing this correctly?
  Currently I am getting a SecurityErrorEvent.
  Security.allowDomain("0.0.0.0");
  Security.loadPolicyFile("http://0.0.0.0/crossdomain.xml");
  var request:URLRequest = new URLRequest("http://0.0.0.0/crossdomain.xml");
  var loader:URLLoader = new URLLoader();
  loader.addEventListener(Event.COMPLETE, policyLoaded);
  loader.addEventListener(IOErrorEvent.IO_ERROR, policyIOError);
  loader.addEventListener(SecurityErrorEvent.SECURITY_ERROR, policySecurityError);
  loader.load(request);

  Okay, I found that when I put the crossdomain.xml file at the root of my web site file area my hosting company provides, I do not specifically need to load the crossdomain.xml file.
  But if I want finer control over who has access to what, and I put the crossdomain.xml file in the same directory as my Flex app SWF file, what lines of the following code (or additional lines I don't know about) should I put in my app creationComplete handler function to load the crossdomain.xml file?
  Note, of course the IP address in my code is not 0.0.0.0.
  Do I need all these lines, and am I doing this correctly?
  Security.allowDomain("0.0.0.0");
  Security.loadPolicyFile("http://0.0.0.0/myAppFolder/crossdomain.xml");
  var request:URLRequest = new URLRequest("http://0.0.0.0/myAppFolder/crossdomain.xml");
  var loader:URLLoader = new URLLoader();
  loader.addEventListener(Event.COMPLETE, policyLoaded);
  loader.addEventListener(IOErrorEvent.IO_ERROR, policyIOError);
  loader.addEventListener(SecurityErrorEvent.SECURITY_ERROR, policySecurityError);
  loader.load(request);

• Cross domain policy issues

  I am attempting to communicate with a web service via flash
  across sub domains. All works fine and dandy on my local machine,
  but when i upload to my web server there is no communication across
  the domains. The way the servers are configured, i don't have
  access to the root of the domain to place the crossdomain.xml in
  the default location, so i have it in the folder next to the web
  service and link to it directly shown below. I have this line on
  the first frame of the first layer of my file
  quote:
  System.security.loadPolicyFile("MYDOMAIN/StudentConnect2Apply/crossdomain.xml");
  The server containing the flash file is insecure and the web
  service is secure (https). this is what my crossdomain.xml file
  looks like:
  quote:
  <cross-domain-policy>
  <allow-access-from domain="*.MYDOMAIN.net"
  secure="false"/>
  </cross-domain-policy>
  I have also enabled logging within my flash player to track
  down problems, when i initially load the page in the browser, it
  approves the policy file:
  quote:
  OK: Policy file accepted:
  https://MYDOMAIN/StudentConnect2Apply/crossdomain.xml
  But after submitting the form and attempting to interact with
  the web service, i get an error saying permission is denied due to
  lack of policy file permissions and
  quote:
  Warning: Failed to load policy file from
  MYDOMAIN/crossdomain.xml
  It is looking in the root of the domain after i defined and
  it accepted the overridden location. Is there another way to define
  where the crossdomain.xml file is located that i am missing,
  possibly in the web service settings somewhere?

  I have found my answer, thanks to another forum.
  Meta-Cross Domain Policies.
  http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security_03.html
  Basically I can now say "f*ck you adobe. I as a college
  student who likes to host things on my 150 MB of server space can
  no longer host XML formatted levels for games I write. Because I am
  not the administrator of the server and will never be able to
  convince the administrator to let me have the MCDP file allow my
  flash file to load it's levels."
  F*ck you Adobe, F*ck You.

• Cross domain policy file and BitmapData

  Hey guys and gals, I'm having an issue with a Security error
  when trying to access photos from an external site. I have a client
  who is at siteA.com, who wants to load in photos from siteB.com,
  siteC.com, and probably 100 other sites. He has permission to do so
  from the other sites, but doesn't want to go through all the
  trouble of asking each site to post a cross-domain policy file.
  Please correct me if I'm wrong, but the way I understand it is, if
  you want to simply load an image into a Loader object within a swf,
  you're ok, but if you want to access the BitmapData, you will then
  get a security error? My snippet of code that I believe is causing
  the security error is
  public function imageLoaded(e:Event):void {
  var image:Bitmap = Bitmap(e.target.loader.content);
  image.smoothing = true;
  imageContainer.addChild(e.target.loader);
  As you can tell, the reason why I want to access the Bitmap
  itself is to apply smoothing. That is my main concern, I want to be
  able to apply smooth transitions to these pictures that are loaded
  in from external sites. My main goal is to load images externally,
  then apply smooth transitions, so if you know of a way to get
  around the security violations, that would be great. The only
  work-around we have for this is to write a script that will load
  all the images from the external sites onto the local server, as
  this will be less work than getting the cross-domain policy file on
  each server (if that's what it takes). Thanks in advance for
  anybody who can shed some light on the subject.

  If I understand you correctly, a 'helper' swf would be on the
  site where the images are held, much like a cross-domain policy
  file? I don't understand how that would be much different than
  getting the external sites to add a cross-domain policy file on
  their server. It sounds easier to just throw the cross-domain
  policy file on the external site's server with '*' for the path of
  allowed directories to load images from. I'm pretty new to the
  cross-domain security issue, so I'm not sure. I don't understand
  why it's a security risk to access the pixels of an image either...
  anybody know about that? Just trying to figure out where to go from
  here on this project. Thanks for the reply GWD, still looking for
  some more feedback.

• Cross Domain Connection Issues with Test Controller

  I am having trouble resolving a problem I have connecting a build agent with the test controller in a cross domain environment.  I have purged out the actual machine names, domain names, and IP addresses just in case that is a security concern. 
  Situation is this:
  All machines are running Visual Studio 2013
  Test controller/agents are on Windows Server 2012 R2
  Test controller is installed as stand-alone in order to be able to do load testing, as well as API and CodedUI.
  Build definition in TFS kicks off the automation using testsettings file to point to build controller
  Application under test uses resources in the ABC.XYZ domain.  Test agents need to be in ABC.XYZ in order to test application E2E.
  TFS is in Main.corp.company.com domain.
  Test controller is a dual-homed box in corp.company.com and ABC.XYZ domains.  It are accessible from Main using the corp.company.com NIC.
  All our dual homed boxes are set up this way.  Dual homed with Main and ABC directly is considered a security violation.
  From the dual homed box, logged in with my ABC credentials, I can access TFS in Main using my Main credentials.
  Manually, I can successfully kick off a test run from a command line from a VM in ABC.
  Build controller and build agents are in Main.corp.company.com.
  Build controller can successfully connect to build agent, and build agent successfully builds the automation.
  Build agent fails to connect to build controller:
  Failed to queue test run 'buildagent@MachineOne 2014-08-12 12:35:34_Any CPU_Debug': No such host is known
  I can ping the build controller from the test agent, and I can successfully query port 6901:
  Querying target system called:
  testcontroller.corp.company.com
  Attempting to resolve name to IP address...
  Name resolved to 10.10.10.111
  TCP port 6901 (unknown service): LISTENING
  Firewall is turned off on the test controller.  Even if it wasn’t, the relevant rules allowing port 6901 and File and Printer Sharing are created.
  Local Security Policy | Security Options | Network access: Sharing & security model = classic
  NETBIOS names of the test agents and build agent are set in the test controller’s hosts file (they were pingable without this anyway)
  NETBIOS name of the test controller is set in the test agent’s hosts file (it was pingable without this anyway)
  Tried both simple NETBIOS name and FSDN for test controller in testsettings file
  Considering installing a build agent on the same machine as the test controller, but suspect that would just move my communication problem to build controller : build agent
  Considering moving test controller to Main and making the four test agents dual-homed, but there is a concern to limit the number of dual-homed boxes, and also suspect that would again just move the communication problem.
  I can use netstat to verify that the service is listening to port 6901 on both NICs:
  TCP    0.0.0.0:6901           0.0.0.0:0              LISTENING       6536
  TCP    [::]:6901              [::]:0                 LISTENING      
  6536
  (PID 6536 is the QTController.exe)
  However the VSTTController.log only mentions listening to the ABC NIC.  Since the connection to the ABC test agents works, that makes sense.
  When I open the testsettings file on my laptop in the Main domain and examine the server name, there is a warning that the host cannot be found.  When I open it on a VM in the ABC domain I am able to manage the test controller and view all the test
  agents.  However, if I try to restart the build controller I get an access denied error.  Not sure if that is related in some way.
  I am using a ABC domain service account to run the test agent sevice.  There is a Main domain service account running the build.  Both service accounts are administrators on the test controller and in the TeatTestControllerAdmins and TeatTestControllerUsers
  groups.  The test agent service account is also in the TeamTestAgentService group.
  I tried to create a port proxy to forward requests from the Main facing NIC to the port on the ABC facing NIC:
  netsh interface portproxy add v4tov4 listenport=6901 listenaddress=10.10.10.111 connectport=6901 connectaddress=10.20.20.222
  This almost worked.  I could see with netstat commands that the port was opened and a connection was established with the build agent,  however after a long wait it hit an error that it couldn’t find the ABC NIC:
  A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 10.20.20.222:6901
  So apparently the ABC IP is getting forwarded back to the test agent, which then of course can’t use it.
  I am running out of ideas to try.  Not sure where the problem is:
  Cross-domain issue between Main.corp.company.com and corp.company.com?  Or,
  Problem with the test controller not being able to listen on more than one NIC?
  I know I am not the first person to try to set up something cross domain.  Most of the troubleshooting suggestions I have been able to bing have been about fixing connections between test controller and test agents, which isn’t the problem here. 
  Is this set up just so far from standard that VS can’t handle it?
  Thanks in advance,
  Gary

  Hi Gary,
  Thank you for posting in the MSDN forum.
  >> Build agent fails to connect to build controller: Failed to queue test run 'buildagent@MachineOne 2014-08-12 12:35:34_Any CPU_Debug': No such host is known
  >> I know I am not the first person to try to set up something cross domain.  Most of the troubleshooting suggestions I have been able to bing have been about fixing connections between test controller and test
  agents, which isn’t the problem here. 
  Just to make this issue clearly, you mean that it is not the Test Controller and Test Agent issue, am I right?
  As you said that it is related to the Build controller and build Agent, am I right?
  If it is related to the Build Controller and Build Agent, I suggest you post this issue to the TFS forum, there you would get dedicated support.
  http://social.msdn.microsoft.com/Forums/vstudio/en-US/home?category=vstfs&filter=alltypes&sort=lastpostdesc
  If there's any concern, please feel free to let me know.
  Sincerely,
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place. <br/> Click <a
  href="http://support.microsoft.com/common/survey.aspx?showpage=1&scid=sw%3Ben%3B3559&theme=tech"> HERE</a> to participate the survey.

• I am developing a flex web application which needs to access Other domain ,is there any other way other than cross domain policy available ? please help

  i am developing a flex web application which needs to access Other domain (Payment Gateway API),is there any other way other than cross domain policy available ? please help.
  we donot have access other domain thats why we want other solution..

  All the paths to CFCs are the same in my live production site.  Can you be more specific as to what you mean by "RemoteClass aliases in your AS Classes and CFCs (if any) are correct."?  How will the app know that the CFC is on http://myLiveSite.com instead of http://myDevSite.com?  The only line of code that I have noticed that points to a URL is the endpoint in a file called _Super_XXX.as.  And at the top of that file it says that the file is not meant for editting.
  To clarify...I see your app/code all exists on a server access via a web browser so I can understand that everything still works when deployed.  Mine is a mobile app so when I am developing and testing on my local computer the URL points to my local development machine.  However when I deploy it to a mobile device like a tablet and run the app, it needs to be able to access a cfc on a remote server via a different URL ie. my http://myLiveSite.com/myCFC.cfc instead of http://localhost/myCFC.cfc
  Thanks for your help!  I will now take a look at your thread.
  Message was edited by: ace0215

• Domain Admin locked out of local logon

  I have a customer we just took over for. They have an existing issue where the domain administrator cannot log in locally to the DC. I've looked through all their GPOs and cannot find any instance of the domain admin groups being specially being denied this
  right. In fact, it says right in the DC GPO that domain admins have the rights for local log in yet I can't seem to log in. Remote desktop works fine and that is how I've been accessing their DC but I cannot find an answer to this problem. Any ideas? 

  Policy Computer Setting
  Source GPO
  Access Credential Manager as a trusted caller
  Not Defined
  Access this computer from the network kcengr\IWAM_DELL-OFV7446Y6N,Everyone,kcengr\IUSR_DELL-OFV7446Y6N,kcengr\IWAM_DELL-OFV7446Y6N,Administrators,Authenticated Users,ENTERPRISE DOMAIN CONTROLLERS,Pre-Windows 2000 Compatible
  Access,kcengr\IUSR_DELL-OFV7446Y6N,kcengr\IIS_WPG
  Default Domain Controllers Policy
  Act as part of the operating system kcengr\bkupexec
  Default Domain Controllers Policy
  Add workstations to domain Authenticated Users
  Default Domain Controllers Policy
  Adjust memory quotas for a process NT SERVICE\MSSQL$SCANMAIL,IIS APPPOOL\Classic .NET AppPool,kcengr\IWAM_DELL-OFV7446Y6N,LOCAL SERVICE,NETWORK SERVICE,kcengr\IWAM_DELL-OFV7446Y6N,Administrators,IIS APPPOOL\DefaultAppPool,NT
  SERVICE\SQLAgent$SCANMAIL Default Domain Controllers Policy
  Allow log on locally kcengr\IUSR_DELL-OFV7446Y6N,Administrators,Backup Operators,Account Operators,Server Operators,Print Operators,kcengr\IUSR_DELL-OFV7446Y6N,kcengr\IIS_WPG
  Default Domain Controllers Policy
  Allow log on through Remote Desktop Services
  Not Defined
  Back up files and directories Administrators,Backup Operators,Server Operators
  Default Domain Controllers Policy
  Bypass traverse checking NT SERVICE\MSSQL$SCANMAIL,Everyone,Administrators,Authenticated Users,Pre-Windows 2000 Compatible Access,NT SERVICE\SQLAgent$SCANMAIL
  Default Domain Controllers Policy
  Change the system time Administrators,Server Operators,LOCAL SERVICE
  Default Domain Controllers Policy
  Change the time zone Not Defined
  Create a pagefile Administrators
  Default Domain Controllers Policy
  Create a token object kcengr\bkupexec
  Default Domain Controllers Policy
  Create global objects Not Defined
  Create permanent shared objects Default Domain Controllers Policy
  Create symbolic links Not Defined
  Debug programs Administrators
  Default Domain Controllers Policy
  Deny access to this computer from the network
  kcengr\SUPPORT_388945a0 Default Domain Controllers Policy
  Deny log on as a batch job Default Domain Controllers Policy
  Deny log on as a service Default Domain Controllers Policy
  Deny log on locally kcengr\SBS Remote Operators,kcengr\SUPPORT_388945a0,kcengr\SBS STS Worker
  Default Domain Controllers Policy
  Deny log on through Remote Desktop Services
  Not Defined
  Enable computer and user accounts to be trusted for delegation
  Administrators Default Domain Controllers Policy
  Force shutdown from a remote system Administrators,Server Operators
  Default Domain Controllers Policy
  Generate security audits LOCAL SERVICE,NETWORK SERVICE,IIS APPPOOL\Classic .NET AppPool,IIS APPPOOL\DefaultAppPool
  Default Domain Controllers Policy
  Impersonate a client after authentication Not Defined
  Increase a process working set Not Defined
  Increase scheduling priority Administrators
  Default Domain Controllers Policy
  Load and unload device drivers Administrators,Print Operators
  Default Domain Controllers Policy
  Lock pages in memory Default Domain Controllers Policy
  Log on as a batch job kcengr\bkupexec,kcengr\IWAM_DELL-OFV7446Y6N,LOCAL SERVICE,kcengr\IUSR_DELL-OFV7446Y6N,kcengr\IWAM_DELL-OFV7446Y6N,kcengr\IIS_WPG,kcengr\SUPPORT_388945a0,kcengr\IUSR_DELL-OFV7446Y6N,kcengr\IIS_WPG,IIS_IUSRS
  Default Domain Controllers Policy
  Log on as a service kcengr\Administrator,NT SERVICE\MSSQL$SCANMAIL,kcengr\SQLServer2005SQLBrowserUser$KC01,IIS APPPOOL\Classic .NET AppPool,kcengr\bkupexec,NETWORK SERVICE,IIS APPPOOL\DefaultAppPool,SYSTEM,NT SERVICE\SQLAgent$SCANMAIL
  Default Domain Controllers Policy
  Manage auditing and security log kcengr\Exchange Servers,kcengr\Exchange Enterprise Servers,Administrators
  Default Domain Controllers Policy
  Modify an object label Not Defined
  Modify firmware environment values Administrators
  Default Domain Controllers Policy
  Perform volume maintenance tasks Not Defined
  Profile single process Administrators
  Default Domain Controllers Policy
  Profile system performance Administrators
  Default Domain Controllers Policy
  Remove computer from docking station Administrators
  Default Domain Controllers Policy
  Replace a process level token NT SERVICE\MSSQL$SCANMAIL,IIS APPPOOL\Classic .NET AppPool,kcengr\IWAM_DELL-OFV7446Y6N,LOCAL SERVICE,NETWORK SERVICE,kcengr\IWAM_DELL-OFV7446Y6N,IIS APPPOOL\DefaultAppPool,NT SERVICE\SQLAgent$SCANMAIL
  Default Domain Controllers Policy
  Restore files and directories Administrators,Backup Operators,Server Operators
  Default Domain Controllers Policy
  Shut down the system Administrators,Backup Operators,Server Operators,Print Operators,SYSTEM
  Default Domain Controllers Policy
  Synchronize directory service data Default Domain Controllers Policy
  Take ownership of files or other objects Administrators
  Default Domain Controllers Policy
  I am using the domain administrator account to try and log on locally and I cannot see a reason within the DC's GP why it would be prevented. 

• Calling secured web service, cross domain security

  Hey all,
  I am trying to call a secured service, for which i need to enable cross domain security.
  I have followed the steps described in
  http://download.oracle.com/docs/cd/E15523_01/web.1111/e13707/domain.htm#i1176046
  i.e. enabling trust between weblogic server domains.
  The problem is: -
  User authentication is working fine, but i am not able to invoke the operation.
  Here is the content of log file
  [2010-04-01T12:15:58.109+05:30] [AdminServer] [WARNING] [] [org.apache.myfaces.trinidadinternal.context.RequestContextImpl] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '8' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0] [APP: em] [TARGET: /Farm_test_domain/test_domain/AdminServer/em] [TARGET_TYPE: j2ee_application] Could not find partial trigger port from RichTreeTable[org.apache.myfaces.trinidad.component.UIXTree$RowKeyFacesBeanWrapper@146ad85, id=treetablerequest] with the supported partialTriggers syntax. The partial trigger was found with the deprecated syntax. Please use the supported syntax.
  [2010-04-01T12:15:58.109+05:30] [AdminServer] [WARNING] [] [org.apache.myfaces.trinidadinternal.context.RequestContextImpl] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '8' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0] [APP: em] [TARGET: /Farm_test_domain/test_domain/AdminServer/em] [TARGET_TYPE: j2ee_application] Could not find partial trigger service from RichTreeTable[org.apache.myfaces.trinidad.component.UIXTree$RowKeyFacesBeanWrapper@146ad85, id=treetablerequest] with the supported partialTriggers syntax. The partial trigger was found with the deprecated syntax. Please use the supported syntax.
  [2010-04-01T12:15:58.125+05:30] [AdminServer] [WARNING] [] [org.apache.myfaces.trinidadinternal.context.RequestContextImpl] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '8' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0] [APP: em] [TARGET: /Farm_test_domain/test_domain/AdminServer/em] [TARGET_TYPE: j2ee_application] Could not find partial trigger invoke from RichTreeTable[org.apache.myfaces.trinidad.component.UIXTree$RowKeyFacesBeanWrapper@146ad85, id=treetablerequest] with the supported partialTriggers syntax. The partial trigger was found with the deprecated syntax. Please use the supported syntax.
  [2010-04-01T12:15:58.125+05:30] [AdminServer] [WARNING] [] [org.apache.myfaces.trinidadinternal.context.RequestContextImpl] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '8' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0] [APP: em] [TARGET: /Farm_test_domain/test_domain/AdminServer/em] [TARGET_TYPE: j2ee_application] Could not find partial trigger invoke_footer from RichTreeTable[org.apache.myfaces.trinidad.component.UIXTree$RowKeyFacesBeanWrapper@146ad85, id=treetablerequest] with the supported partialTriggers syntax. The partial trigger was found with the deprecated syntax. Please use the supported syntax.
  [2010-04-01T12:15:58.125+05:30] [AdminServer] [WARNING] [] [org.apache.myfaces.trinidadinternal.context.RequestContextImpl] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '8' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0] [APP: em] [TARGET: /Farm_test_domain/test_domain/AdminServer/em] [TARGET_TYPE: j2ee_application] Could not find partial trigger operation from RichTreeTable[org.apache.myfaces.trinidad.component.UIXTree$RowKeyFacesBeanWrapper@146ad85, id=treetablerequest] with the supported partialTriggers syntax. The partial trigger was found with the deprecated syntax. Please use the supported syntax.
  [2010-04-01T12:15:58.125+05:30] [AdminServer] [WARNING] [] [org.apache.myfaces.trinidadinternal.context.RequestContextImpl] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '8' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0] [APP: em] [TARGET: /Farm_test_domain/test_domain/AdminServer/em] [TARGET_TYPE: j2ee_application] Could not find partial trigger request_xml_choice_toggle from RichTreeTable[org.apache.myfaces.trinidad.component.UIXTree$RowKeyFacesBeanWrapper@146ad85, id=treetablerequest] with the supported partialTriggers syntax. The partial trigger was found with the deprecated syntax. Please use the supported syntax.
  [2010-04-01T12:15:59.031+05:30] [AdminServer] [NOTIFICATION] [] [oracle.wsm.agent.WSMAgent] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '8' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0] [APP: em] [TARGET: /Farm_test_domain/test_domain/AdminServer/em] [TARGET_TYPE: j2ee_application] WSMAgent is initialized for category=management, function=agent.function.client, topologyNodePath=/wls/em/EJBs/default/COMPONENTs/default/WEBSERVICECLIENTs/ItemCostService/PORTs/ItemCostServiceSoapHttpPort/INTERCEPTORs/, isJ2EE=true
  [2010-04-01T12:15:59.046+05:30] [AdminServer] [NOTIFICATION] [] [oracle.wsm.security.policy.scenario.executor.SecurityScenarioExecutor] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '8' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0] [APP: em] [TARGET: /Farm_test_domain/test_domain/AdminServer/em] [TARGET_TYPE: j2ee_application] Recipient Alias property not configured in the policy. Defaulting to encrypting with signers certificate.
  [2010-04-01T12:15:59.046+05:30] [AdminServer] [NOTIFICATION] [] [oracle.wsm.agent.WSMAgent] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '8' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0] [APP: em] [TARGET: /Farm_test_domain/test_domain/AdminServer/em] [TARGET_TYPE: j2ee_application] WSMAgent is initialized for category=security, function=agent.function.client, topologyNodePath=/wls/em/EJBs/default/COMPONENTs/default/WEBSERVICECLIENTs/ItemCostService/PORTs/ItemCostServiceSoapHttpPort/INTERCEPTORs/, isJ2EE=true
  [2010-04-01T12:15:59.328+05:30] [soa_server1] [NOTIFICATION] [] [oracle.soa.mediator.serviceEngine] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: all_function_all_data] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0:3] [WEBSERVICE_PORT.name: ItemCostServiceSoapHttpPort] [APP: soa-infra] [composite_name: calling_secured_web_service] [J2EE_MODULE.name: fabric] [component_instance_id: 3B28BA003D5A11DFBF807548C0B7C19C] [component_name: Mediator1] [J2EE_APP.name: soa-infra] [WEBSERVICE.name: ItemCostService] [composite_instance_id: 30022] [TARGET: /Farm_test_domain/test_domain/soa_server1/soa-infra] [TARGET_TYPE: oracle_soainfra] MediatorServiceEngine received a request for operation = retrieveItemCost
  [2010-04-01T12:16:02.109+05:30] [soa_server1] [WARNING] [] [oracle.soa.mediator.common] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: all_function_all_data] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0:3] [WEBSERVICE_PORT.name: ItemCostServiceSoapHttpPort] [APP: soa-infra] [composite_name: calling_secured_web_service] [J2EE_MODULE.name: fabric] [component_instance_id: 3B28BA003D5A11DFBF807548C0B7C19C] [component_name: Mediator1] [J2EE_APP.name: soa-infra] [WEBSERVICE.name: ItemCostService] [composite_instance_id: 30022] [TARGET: /Farm_test_domain/test_domain/soa_server1/soa-infra] [TARGET_TYPE: oracle_soainfra] Payload after BaseActionHander.requestMessage :{parameters=oracle.xml.parser.v2.XMLElement@137ba0c}
  [2010-04-01T12:16:02.109+05:30] [soa_server1] [WARNING] [] [oracle.soa.mediator.common] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: all_function_all_data] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0:3] [WEBSERVICE_PORT.name: ItemCostServiceSoapHttpPort] [APP: soa-infra] [composite_name: calling_secured_web_service] [J2EE_MODULE.name: fabric] [component_instance_id: 3B28BA003D5A11DFBF807548C0B7C19C] [component_name: Mediator1] [J2EE_APP.name: soa-infra] [WEBSERVICE.name: ItemCostService] [composite_instance_id: 30022] [TARGET: /Farm_test_domain/test_domain/soa_server1/soa-infra] [TARGET_TYPE: oracle_soainfra] Properties after BaseActionHander.requestMessage :{ReferenceInstance=[email protected]9371, to=http://adc60091fems.us.oracle.com:6079/cstItemCosts/ItemCostService, oracle.fabric.security.identity.subject=Subject:[[
  Principal: CrossDomainConnectors
  Principal: all_function_all_data
  Principal: authenticated-role
  Private Credential: Subject:
  Principal: all_function_all_data
  Principal: CrossDomainConnectors
  , tracking.compositeInstanceId=30022, tracking.ecid=0000IUs7bmy1f_JLMm0Fye1Bg7vS000325, tracking.conversationId=null, tracking.compositeInstanceCreatedTime=Thu Apr 01 12:15:59 IST 2010, action=http://xmlns.oracle.com/apps/scm/costing/itemCosts/service/ItemCostService/retrieveItemCostRequest, tracking.parentComponentInstanceId=reference:30019, MESH_METRICS=null, tracking.parentReferenceId=mediator:3B28BA003D5A11DFBF807548C0B7C19C:3B4087C03D5A11DFBF807548C0B7C19C:req, transport.http.remoteAddress=10.177.219.95}
  [2010-04-01T12:16:02.125+05:30] [soa_server1] [WARNING] [] [oracle.soa.mediator.common] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: all_function_all_data] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0:3] [WEBSERVICE_PORT.name: ItemCostServiceSoapHttpPort] [APP: soa-infra] [composite_name: calling_secured_web_service] [J2EE_MODULE.name: fabric] [component_instance_id: 3B28BA003D5A11DFBF807548C0B7C19C] [component_name: Mediator1] [J2EE_APP.name: soa-infra] [WEBSERVICE.name: ItemCostService] [composite_instance_id: 30022] [TARGET: /Farm_test_domain/test_domain/soa_server1/soa-infra] [TARGET_TYPE: oracle_soainfra] Headers after BaseActionHander.requestMessage :[]
  [2010-04-01T12:16:03.562+05:30] [soa_server1] [ERROR] [] [oracle.soa.mediator.serviceEngine] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: all_function_all_data] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0:3] [WEBSERVICE_PORT.name: ItemCostServiceSoapHttpPort] [APP: soa-infra] [composite_name: calling_secured_web_service] [J2EE_MODULE.name: fabric] [component_instance_id: 3B28BA003D5A11DFBF807548C0B7C19C] [component_name: Mediator1] [J2EE_APP.name: soa-infra] [WEBSERVICE.name: ItemCostService] [composite_instance_id: 30022] [TARGET: /Farm_test_domain/test_domain/soa_server1/soa-infra] [TARGET_TYPE: oracle_soainfra] Rolling back transaction due to ORAMED-03303:[Unexpected exception in case execution]Unexpected exception in request response operation "retrieveItemCost" on reference "Service1". Possible Fix:Check whether the reference service is properly configured and running or look at exception for analysing the reason or contact oracle support.
  [2010-04-01T12:16:03.578+05:30] [soa_server1] [ERROR] [] [oracle.soa.mediator.serviceEngine] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: all_function_all_data] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0:3] [WEBSERVICE_PORT.name: ItemCostServiceSoapHttpPort] [APP: soa-infra] [composite_name: calling_secured_web_service] [J2EE_MODULE.name: fabric] [component_instance_id: 3B28BA003D5A11DFBF807548C0B7C19C] [component_name: Mediator1] [J2EE_APP.name: soa-infra] [WEBSERVICE.name: ItemCostService] [composite_instance_id: 30022] [TARGET: /Farm_test_domain/test_domain/soa_server1/soa-infra] [TARGET_TYPE: oracle_soainfra] Got an exception: oracle.fabric.common.FabricInvocationException: javax.xml.ws.soap.SOAPFaultException: FailedCheck : failure in security check[[
  oracle.tip.mediator.infra.exception.MediatorException: ORAMED-03303:[Unexpected exception in case execution]Unexpected exception in request response operation "retrieveItemCost" on reference "Service1". Possible Fix:Check whether the reference service is properly configured and running or look at exception for analysing the reason or contact oracle support.
  at oracle.tip.mediator.service.SyncRequestResponseHandler.handleFault(SyncRequestResponseHandler.java:207)
  at oracle.tip.mediator.service.SyncRequestResponseHandler.process(SyncRequestResponseHandler.java:123)
  at oracle.tip.mediator.service.ActionProcessor.onMessage(ActionProcessor.java:64)
  at oracle.tip.mediator.dispatch.MessageDispatcher.executeCase(MessageDispatcher.java:124)
  at oracle.tip.mediator.dispatch.InitialMessageDispatcher.processCase(InitialMessageDispatcher.java:514)
  at oracle.tip.mediator.dispatch.InitialMessageDispatcher.processCases(InitialMessageDispatcher.java:417)
  at oracle.tip.mediator.dispatch.InitialMessageDispatcher.processCases(InitialMessageDispatcher.java:301)
  at oracle.tip.mediator.dispatch.InitialMessageDispatcher.dispatch(InitialMessageDispatcher.java:137)
  at oracle.tip.mediator.serviceEngine.MediatorServiceEngine.process(MediatorServiceEngine.java:779)
  at oracle.tip.mediator.serviceEngine.MediatorServiceEngine.request(MediatorServiceEngine.java:650)
  at oracle.integration.platform.blocks.mesh.SynchronousMessageHandler.doRequest(SynchronousMessageHandler.java:139)
  at oracle.integration.platform.blocks.mesh.MessageRouter.request(MessageRouter.java:179)
  at oracle.integration.platform.blocks.mesh.MeshImpl$2.run(MeshImpl.java:167)
  at java.security.AccessController.doPrivileged(Native Method)
  at javax.security.auth.Subject.doAs(Subject.java:396)
  at oracle.integration.platform.blocks.mesh.MeshImpl.doRequestAsSubject(MeshImpl.java:165)
  at oracle.integration.platform.blocks.mesh.MeshImpl.request(MeshImpl.java:141)
  at sun.reflect.GeneratedMethodAccessor1762.invoke(Unknown Source)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:296)
  at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:177)
  at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:144)
  at oracle.integration.platform.metrics.PhaseEventAspect.invoke(PhaseEventAspect.java:59)
  at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:166)
  at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
  at $Proxy184.request(Unknown Source)
  at oracle.integration.platform.blocks.soap.WebServiceEntryBindingComponent.doMessageProcessing(WebServiceEntryBindingComponent.java:1169)
  at oracle.integration.platform.blocks.soap.WebServiceEntryBindingComponent.processIncomingMessage(WebServiceEntryBindingComponent.java:768)
  at oracle.integration.platform.blocks.soap.FabricProvider.processMessage(FabricProvider.java:113)
  at oracle.j2ee.ws.server.provider.ProviderProcessor.doEndpointProcessing(ProviderProcessor.java:1160)
  at oracle.j2ee.ws.server.WebServiceProcessor$1.run(WebServiceProcessor.java:896)
  at java.security.AccessController.doPrivileged(Native Method)
  at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
  at oracle.security.jps.internal.jaas.AccActionExecutor.execute(AccActionExecutor.java:47)
  at oracle.security.jps.internal.jaas.CascadeActionExecutor$SubjectPrivilegedExceptionAction.run(CascadeActionExecutor.java:79)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
  at weblogic.security.Security.runAs(Security.java:61)
  at oracle.security.jps.wls.jaas.WlsActionExecutor.execute(WlsActionExecutor.java:48)
  at oracle.security.jps.internal.jaas.CascadeActionExecutor.execute(CascadeActionExecutor.java:52)
  at oracle.security.jps.internal.jaas.AbstractSubjectSecurity.executeAs(AbstractSubjectSecurity.java:105)
  at oracle.j2ee.ws.server.provider.GenericProviderPlatform.runAs(GenericProviderPlatform.java:302)
  at oracle.j2ee.ws.server.WebServiceProcessor.invokeEndpointImplementation(WebServiceProcessor.java:903)
  at oracle.j2ee.ws.server.provider.ProviderProcessor.doRequestProcessing(ProviderProcessor.java:561)
  at oracle.j2ee.ws.server.WebServiceProcessor.processRequest(WebServiceProcessor.java:216)
  at oracle.j2ee.ws.server.WebServiceProcessor.doService(WebServiceProcessor.java:179)
  at oracle.j2ee.ws.server.WebServiceServlet.doPost(WebServiceServlet.java:417)
  at oracle.integration.platform.blocks.soap.FabricProviderServlet.doPost(FabricProviderServlet.java:480)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
  at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
  at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
  at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
  at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:326)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3592)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
  at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2202)
  at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2108)
  at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1432)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  Caused by: oracle.fabric.common.FabricInvocationException: javax.xml.ws.soap.SOAPFaultException: FailedCheck : failure in security check
  at oracle.integration.platform.blocks.soap.WebServiceExternalBindingComponent.throwFabricInvocationException(WebServiceExternalBindingComponent.java:414)
  at oracle.integration.platform.blocks.soap.WebServiceExternalBindingComponent.throwFabricInvocationExceptionForSoapFault(WebServiceExternalBindingComponent.java:410)
  at oracle.integration.platform.blocks.soap.WebServiceExternalBindingComponent.processSOAPFault(WebServiceExternalBindingComponent.java:393)
  at oracle.integration.platform.blocks.soap.WebServiceExternalBindingComponent.processOutboundMessage(WebServiceExternalBindingComponent.java:252)
  at oracle.integration.platform.blocks.soap.WebServiceExternalBindingComponent.sendSOAPMessage(WebServiceExternalBindingComponent.java:635)
  at oracle.integration.platform.blocks.soap.WebServiceExternalBindingComponent.request(WebServiceExternalBindingComponent.java:525)
  at oracle.integration.platform.blocks.mesh.SynchronousMessageHandler.doRequest(SynchronousMessageHandler.java:139)
  at oracle.integration.platform.blocks.mesh.MessageRouter.request(MessageRouter.java:179)
  at oracle.integration.platform.blocks.mesh.MeshImpl$2.run(MeshImpl.java:167)
  at java.security.AccessController.doPrivileged(Native Method)
  at javax.security.auth.Subject.doAs(Subject.java:396)
  at oracle.integration.platform.blocks.mesh.MeshImpl.doRequestAsSubject(MeshImpl.java:165)
  at oracle.integration.platform.blocks.mesh.MeshImpl.request(MeshImpl.java:141)
  at sun.reflect.GeneratedMethodAccessor1762.invoke(Unknown Source)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:296)
  at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:177)
  at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:144)
  at oracle.integration.platform.metrics.PhaseEventAspect.invoke(PhaseEventAspect.java:71)
  at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:166)
  at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
  at $Proxy184.request(Unknown Source)
  at oracle.tip.mediator.serviceEngine.MediatorServiceEngine.request2Mesh(MediatorServiceEngine.java:981)
  at oracle.tip.mediator.service.BaseActionHandler.requestProcess(BaseActionHandler.java:202)
  at oracle.tip.mediator.service.BaseActionHandler.requestProcess(BaseActionHandler.java:94)
  at oracle.tip.mediator.service.BaseActionHandler.requestProcess(BaseActionHandler.java:74)
  at oracle.tip.mediator.service.SyncRequestResponseHandler.process(SyncRequestResponseHandler.java:74)
  ... 64 more
  Caused by: javax.xml.ws.soap.SOAPFaultException: FailedCheck : failure in security check
  at oracle.j2ee.ws.client.jaxws.DispatchImpl.throwJAXWSSoapFaultException(DispatchImpl.java:882)
  at oracle.j2ee.ws.client.jaxws.DispatchImpl.invoke(DispatchImpl.java:715)
  at oracle.j2ee.ws.client.jaxws.OracleDispatchImpl.synchronousInvocationWithRetry(OracleDispatchImpl.java:226)
  at oracle.j2ee.ws.client.jaxws.OracleDispatchImpl.invoke(OracleDispatchImpl.java:97)
  at oracle.integration.platform.blocks.soap.AbstractWebServiceBindingComponent.dispatchRequest(AbstractWebServiceBindingComponent.java:450)
  at oracle.integration.platform.blocks.soap.WebServiceExternalBindingComponent.processOutboundMessage(WebServiceExternalBindingComponent.java:185)
  ... 88 more
  [2010-04-01T12:16:03.578+05:30] [soa_server1] [ERROR] [] [oracle.soa.mediator.serviceEngine] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: all_function_all_data] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0:3] [WEBSERVICE_PORT.name: ItemCostServiceSoapHttpPort] [APP: soa-infra] [composite_name: calling_secured_web_service] [J2EE_MODULE.name: fabric] [component_instance_id: 3B28BA003D5A11DFBF807548C0B7C19C] [component_name: Mediator1] [J2EE_APP.name: soa-infra] [WEBSERVICE.name: ItemCostService] [composite_instance_id: 30022] [TARGET: /Farm_test_domain/test_domain/soa_server1/soa-infra] [TARGET_TYPE: oracle_soainfra] Updating fault processing DMS metrics
  [2010-04-01T12:16:03.656+05:30] [soa_server1] [NOTIFICATION] [] [oracle.soa.mediator.serviceEngine] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: all_function_all_data] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0:3] [WEBSERVICE_PORT.name: ItemCostServiceSoapHttpPort] [APP: soa-infra] [composite_name: calling_secured_web_service] [J2EE_MODULE.name: fabric] [component_instance_id: 3B28BA003D5A11DFBF807548C0B7C19C] [component_name: Mediator1] [J2EE_APP.name: soa-infra] [WEBSERVICE.name: ItemCostService] [composite_instance_id: 30022] [TARGET: /Farm_test_domain/test_domain/soa_server1/soa-infra] [TARGET_TYPE: oracle_soainfra] MediatorServiceEngine returning a response for operation = retrieveItemCost
  [2010-04-01T12:16:03.656+05:30] [soa_server1] [NOTIFICATION] [] [oracle.wsm.agent.WSMAgent] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: all_function_all_data] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0:3] [WEBSERVICE_PORT.name: ItemCostServiceSoapHttpPort] [APP: soa-infra] [J2EE_MODULE.name: fabric] [J2EE_APP.name: soa-infra] [WEBSERVICE.name: ItemCostService] [TARGET: /Farm_test_domain/test_domain/soa_server1/soa-infra] [TARGET_TYPE: oracle_soainfra] Message Type is normalized, exiting agent.processFault()
  [2010-04-01T12:16:03.656+05:30] [soa_server1] [NOTIFICATION] [] [oracle.wsm.agent.WSMAgent] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: all_function_all_data] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0:3] [WEBSERVICE_PORT.name: ItemCostServiceSoapHttpPort] [APP: soa-infra] [J2EE_MODULE.name: fabric] [J2EE_APP.name: soa-infra] [WEBSERVICE.name: ItemCostService] [TARGET: /Farm_test_domain/test_domain/soa_server1/soa-infra] [TARGET_TYPE: oracle_soainfra] Message Type is normalized, exiting agent.processFault()
  [2010-04-01T12:16:04.296+05:30] [soa_server1] [ERROR] [OWS-04115] [oracle.webservices.service] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0:3] [APP: soa-infra] [arg: FabricProvider] [arg: javax.xml.rpc.soap.SOAPFaultException: FailedCheck : failure in security check] [TARGET: /Farm_test_domain/test_domain/soa_server1/soa-infra] [TARGET_TYPE: oracle_soainfra] An error occurred for port: FabricProvider: javax.xml.rpc.soap.SOAPFaultException: FailedCheck : failure in security check.
  [2010-04-01T12:16:04.312+05:30] [AdminServer] [NOTIFICATION] [] [oracle.sysman.emSDK.webservices.wsdlapi.dispatch.DispatchUtil] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '8' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0] [APP: em] [TARGET: /Farm_test_domain/test_domain/AdminServer/em] [TARGET_TYPE: j2ee_application] Dispatch.invoke failed.Exception stack trace written to trace file.
  [2010-04-01T12:16:04.343+05:30] [AdminServer] [ERROR] [EM-00453] [oracle.sysman.emas.model.wsmgt.WSTestModel] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '8' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0] [APP: em] [TARGET: /Farm_test_domain/test_domain/AdminServer/em] [TARGET_TYPE: j2ee_application] Failed to invoke operation
  [2010-04-01T12:16:04.343+05:30] [AdminServer] [ERROR] [EM-00453] [oracle.sysman.emas.view.wsmgt.WSView] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE]*.ExecuteThread: '8' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0] [APP: em] [TARGET: /Farm_test_domain/test_domain/AdminServer/em] [TARGET_TYPE: j2ee_application] Failed to invoke operation*
  [2010-04-01T12:16:04.359+05:30] [AdminServer] [NOTIFICATION:24] [] [oracle.sysman.core.app.menu.XMLMenuManager] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '8' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0] [APP: em] [TARGET: /Farm_test_domain/test_domain/AdminServer/em] [TARGET_TYPE: j2ee_application] The Document for grid menu is not found.
  [2010-04-01T12:16:04.531+05:30] [AdminServer] [WARNING] [] [org.apache.myfaces.trinidad.bean.PropertyKey] [host: sjandhya-idc1] [nwaddr: 10.177.219.95] [tid: [ACTIVE].ExecuteThread: '8' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IUs7bmy1f_JLMm0Fye1Bg7vS000325,0] [APP: em] [TARGET: /Farm_test_domain/test_domain/AdminServer/em] [TARGET_TYPE: j2ee_application] Unserializable value:oracle.sysman.core.view.tgtctls.common.DefaultTreeModel@15622f9 for key:UINodePropertyKey[value,17]
  Thanks
  Nitin

  Thanks again Billy,
  I have configured a wallet with all the necessary certificates. Actually I have purchased a VeriSign trusted certificate and convert that into Oracle Wallet (p12) using openssl with appropriate password. And I'm calling UTL_HTTP.set_wallet('<path_to_wallet>','<pass_to_open_it>');
  I have send my public key to them (web service company) and they need me to send my certificate with every request so that they can authenticate.
  You are saying we don't have to write any code for TLS/SSL UTL_HTTP will take care of that, thats really good.
  One more thing I want to mention here...
  In Internet Explorer - When I am importing my certificate without my private key and trying to access web service I'm getting 404 page not found error.
  But when I'm importing my certificate with the private key, I can see WSDL and all other methods offered by that web service.
  I'm guessing Oracle Wallet that I'm creating with my certificate will store private key also. B'coz it is showing me User Certificate in Ready state.
  ORA-00600 is not giving me proper location where I can find any error in my code.
  Thanks
  -Smith

• Xml cross domain

  I am putting xml weather on my Flash site using Yahoo!
  weather. I am using code similar to:
  var my_xml:XML = new XML();
  my_xml.ignoreWhite = true;
  my_xml.onLoad = function(success:Boolean) {
  // do something
  my_xml.load("
  http://xml.weather.yahoo.com/forecastrss?p=FRXX0076");
  city_mc.onEnterFrame = function() {
  city_mc._city.text =
  my_xml.firstChild.childNodes[0].childNodes[6].attributes.city;
  _temp.text =
  my_xml.firstChild.childNodes[0].lastChild.childNodes[5].attributes.temp;
  _conditions.text =
  my_xml.firstChild.childNodes[0].lastChild.childNodes[5].attributes.text;
  which works fine when tested locally, but doesn't work on the
  www.
  Yahoo offers cross domain xml at:
  http://search.yahooapis.com/crossdomain.xml
  which (I've been told) will remedy the security issue. How
  would I modify my code and/or .swf above to call the
  crossdomain.xml AND weather.xml needed to display weather on my
  site? I have EXTREMELY limited knowledge of XML, so be gentle.
  Thanks in advance for your assistance (and patience!)

  Yahoo weather needs its own crossdomain.xml. Apparently they
  are working on
  it :)
  http://tech.groups.yahoo.com/group/ydn-flash/message/10

• How to make cross domain calls using loadurl

  I you all. I ran into a little situation in which i need to make a cross domain call using loadurl. Has any one implemented this as yet. using loadurl. Thank you.

  Have a look here http://www.coldfusionjedi.com/index.cfm/2008/3/7/CrossDomain-AJAX-calls-using-ColdFusion
  Gramps

• Cross Domain Security Express - RAC configuration

  Hi All,
  Not sure if the general DB forum is the place for this but here goes.
  I am involved in designing a solution that wants to provide access to data from networks each trusted to a different level of security. The CDSE CDSS white paper look something like the design that we drew up.
  http://www.oracle.com/industries/government/pdfs/oracle-cross-domain-security-express-ds.pdf
  Question 1
  In the diagram on p3 does this reflect a single rac cluster spanning two separate networks, what would connectivity requirements be between the nodes?
  Question 2
  Is physical storage shared across networks and then logically divided using labels?
  Question 3
  COuld you define separate tablespaces and use partitioning to force higher and lower secured content into respective tablespaces in separate storage.
  Thanks in advance for any guidance
  Tim

  Hi All,
  Not sure if the general DB forum is the place for this but here goes.
  I am involved in designing a solution that wants to provide access to data from networks each trusted to a different level of security. The CDSE CDSS white paper look something like the design that we drew up.
  http://www.oracle.com/industries/government/pdfs/oracle-cross-domain-security-express-ds.pdf
  Question 1
  In the diagram on p3 does this reflect a single rac cluster spanning two separate networks, what would connectivity requirements be between the nodes?
  Question 2
  Is physical storage shared across networks and then logically divided using labels?
  Question 3
  COuld you define separate tablespaces and use partitioning to force higher and lower secured content into respective tablespaces in separate storage.
  Thanks in advance for any guidance
  Tim

• Integrating Wordpress into Muse need dynamic height based on content with cross domain

  Since Muse doesn't currently support Blogs and Wordpress integration I have decided to use an iFrame.
  My goal is to have the height of the iframe dynamically change based on the content in my Wordpress blog. I understand this is a common issue with frames that are hosted on different domains.
  I am running into having to over compensate with a bunch of deadspace to allow enough room. Alternatively I get the horrible looking scroll bar.
  I have tried using cross site scripting, JQuery and postMessage but am having trouble figuring out how to put the proper code into Muse and Wordpress for them to communicate back and forth.
  Please, any help on this matter would be greatly appreciated.

  Abhishek,
  Thanks for your reply, however, it is not working with Muse. I added the Javascript to the head section and adjusted iframe and it displays as a small square in the upper left hand corner, unable to view the whole page.
  Inserted into head section --
  <script type="text/javascript">
     function resizeIframe(obj)
    obj.style.height = 0;
    obj.style.height = obj.contentWindow.document.body.scrollHeight + 'px';
     </script>
  inserted as an html object --
  <iframe name="MycoSmooth" src="http://www.mycosmooth.com" frameborder="0" scrolling="no" id="iframe" onload='javascript:resizeIframe(this);' />
  Below is the result:
  The purpose is to have an independent website run the blogging capabilities, since muse doesn't directly support blogging as of yet.
  Since the site is on a different domain, I am running into cross domain issues and it won't get the height of the page. The methods that apparently work use php and I am unsure how that would work in muse, if at all.